[milters] Archive

Lists Index Date Thread Search

Article: 713
From: Mike Kercher
Date: 2005-09-02 09:58:37 -0400
Subject: Re: Odd milter-sender issue

Removal...........: milters-request@milter.info?subject=remove
More information..: http://www.milter.info/#Support
--------------------------------------------------------

milters-bounce@milter.info <> scribbled on Friday, September 02, 2005 2:23
AM:

> Removal...........: milters-request@milter.info?subject=remove
> More information..: http://www.milter.info/#Support
> --------------------------------------------------------
> 
> Mike Kercher wrote:
>> Removal...........: milters-request@milter.info?subject=remove
>> More information..: http://www.milter.info/#Support
>> --------------------------------------------------------
>> 
>> Lately, I've started to see more and more of these:
>> 
>> Sep  1 15:12:52 avenger sendmail[27747]: j81KCfvG027747: from=<>,
>> size=3421, class=0, nrcpts=1,
>> msgid=<200509012012.j81KCfvG027747@avenger.vesol.net>,
>> proto=ESMTP, daemon=MTA, relay=va1-sg00029.securesites.net
>> [161.58.134.251] Sep  1 15:12:52 avenger sendmail[27747]:
> j81KCfvG027747:
>> to=<melitmnesb@domain.com>, delay=00:00:01, mailer=esmtp,
> pri=33421,
>> stat=queued
>> 
>> Background:  this server is the only MX for domain.com  My box
>> receives mail, virus scans and then forwards to another server for
>> final delivery.  I have the call ahead enabled in my
> milter-sender.cf,
>> but I suspect that since <> is whitelisted somehow, it is
> getting past
>> the milter.  Any ideas how to stop this?
> Do you have IsBackupMx=1 set, which would be normal. Is the
> mail store "up" and responding to milter-sender's
> call-ahead's when these messages arrive?
> 
> milter-sender is primarily a call-back milter and so to avoid
> (call-back) mail-loops, must white list <> as per RFC 2821.
> But there is no reason I can think of not to perform the
> call-ahead on MAIL FROM:<>.
> 
> So try this patch to move the white-list by-pass AFTER the
> call-ahead test.

I did not have IsBackupMx=1 set because it is not actually a backup MX.  It
is the ONLY MX.  I act as a middleman for virus/content scanning then
forward using mailertable to the mail store.

The mail store was up and running at the time.  The problem was that the
call-ahead was not being performed on a whitelisted connection.  The patch
appears to have solved the problem.

Many thanks for the quick patch!

Mike


Lists Index Date Thread Search